commit 29fedf210f6eb7aae585946e36654e50be52e317

pyrox.dev / nixpkgs

lol

fork atom

canonicalize-jars-hook: add

A build hook to run functions previously only implemented privately in
`pkgs/build-support/release/functions.sh`.

authored by bb010g.com and committed by

Doron Behar 4 years ago 29fedf21 77382d5e

+61

4 changed files

expand all

unified split

pkgs

build-support

java

canonicalize-jar.nix

canonicalize-jar.sh

setup-hooks

canonicalize-jars.sh

top-level

all-packages.nix

pkgs/build-support/java/canonicalize-jar.nix

··· 1 + { substituteAll, unzip, zip }: 2 + 3 + substituteAll { 4 + name = "canonicalize-jar"; 5 + src = ./canonicalize-jar.sh; 6 + 7 + unzip = "${unzip}/bin/unzip"; 8 + zip = "${zip}/bin/zip"; 9 + }

+29

pkgs/build-support/java/canonicalize-jar.sh

··· 1 + # Canonicalize the manifest & repack with deterministic timestamps. 2 + canonicalizeJar() { 3 + local input='' outer='' 4 + input="$(realpath -sm -- "$1")" 5 + outer="$(pwd)" 6 + # -qq: even quieter 7 + @unzip@ -qq "$input" -d "$input-tmp" 8 + canonicalizeJarManifest "$input-tmp/META-INF/MANIFEST.MF" 9 + # Sets all timestamps to Jan 1 1980, the earliest mtime zips support. 10 + find -- "$input-tmp" -exec touch -t 198001010000.00 {} + 11 + rm "$input" 12 + pushd "$input-tmp" 2>/dev/null 13 + # -q|--quiet, -r|--recurse-paths 14 + # -o|--latest-time: canonicalizes overall archive mtime 15 + # -X|--no-extra: don't store platform-specific extra file attribute fields 16 + @zip@ -qroX "$outer/tmp-out.jar" . 2> /dev/null 17 + popd 2>/dev/null 18 + rm -rf "$input-tmp" 19 + mv "$outer/tmp-out.jar" "$input" 20 + } 21 + 22 + # See also the Java specification's JAR requirements: 23 + # https://docs.oracle.com/javase/8/docs/technotes/guides/jar/jar.html#Notes_on_Manifest_and_Signature_Files 24 + canonicalizeJarManifest() { 25 + local input='' 26 + input="$(realpath -sm -- "$1")" 27 + (head -n 1 "$input" && tail -n +2 "$input" | sort | grep -v '^\s*$') > "$input-tmp" 28 + mv "$input-tmp" "$input" 29 + }

+17

pkgs/build-support/setup-hooks/canonicalize-jars.sh

··· 1 + # This setup hook causes the fixup phase to repack all JAR files in a 2 + # canonical & deterministic fashion, e.g. resetting mtimes (like with normal 3 + # store files) and avoiding impure metadata. 4 + 5 + fixupOutputHooks+=('if [ -z "$dontCanonicalizeJars" -a -e "$prefix" ]; then canonicalizeJarsIn "$prefix"; fi') 6 + 7 + canonicalizeJarsIn() { 8 + local dir="$1" 9 + header "canonicalizing jars in $dir" 10 + dir="$(realpath -sm -- "$dir")" 11 + while IFS= read -rd '' f; do 12 + canonicalizeJar "$f" 13 + done < <(find -- "$dir" -type f -name '*.jar' -print0) 14 + stopNest 15 + } 16 + 17 + source @canonicalize_jar@

pkgs/top-level/all-packages.nix

··· 153 153 154 154 appindicator-sharp = callPackage ../development/libraries/appindicator-sharp { }; 155 155 156 + canonicalize-jar = callPackage ../build-support/java/canonicalize-jar.nix { }; 157 + canonicalize-jars-hook = makeSetupHook { 158 + name = "canonicalize-jars-hook"; 159 + substitutions = { canonicalize_jar = canonicalize-jar; }; 160 + } ../build-support/setup-hooks/canonicalize-jars.sh; 161 + 156 162 ensureNewerSourcesHook = { year }: makeSetupHook {} 157 163 (writeScript "ensure-newer-sources-hook.sh" '' 158 164 postUnpackHooks+=(_ensureNewerSources)